DragonFly BSD
DragonFly users List (threaded) for 2006-11
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: [patch] Multiple ips for jails

From: Victor Balada Diaz <victor@xxxxxxxxx>
Date: Tue, 14 Nov 2006 12:13:50 +0100

On Tue, Nov 14, 2006 at 11:31:57AM +0100, Joerg Sonnenberger wrote:
> On Tue, Nov 14, 2006 at 10:00:54AM +0100, Simon 'corecode' Schubert wrote:
> > Joerg Sonnenberger wrote:
> > >At least the IPv6 case is incomplete as it doesn't deal with mapped ipv4
> > >addresses. I also don't think the behaviour for INADDR_ANY is correct.
> > 
> > Could you elaborate on that?  How should mapped ipv4 addresses be handled?  
> > I guess there would need to be a check for already used ipv4 addresses, and 
> > vice versa.
> If mapped IPv4 addresses are allowed, they should get exactly the same
> handling as normal IPv4 addresses. Esp. mapped needs to be
> handled accordingly.

The mapped ipv4 addresses needs further investigation, i'll check
it ASAP.

> > What behaviour for INADDR_ANY would be correct?  (If you can use this term)
> When a socket is allowed to bind to INADDR_ANY two things have to be
> guarantied:
> (a) Connections to it are effectively only allowed, when one of the jail
> IPs can be used. E.g. if the jail is bound to and,
> but the machine has also as IP, a connection to that must not
> go to the jail.

This is already guaranteed.

> (b) Connections *from* the jail must use one of the jail addresses as
> source. E.g. when the jail is bound to as before, a
> connection to must not use as soure address.
> This gets further complicated by the question whether or not binding to
> broadcast and/or multicast addresses should be enabled by default.

Multicast is not supported in jails.

La prueba más fehaciente de que existe vida inteligente en otros
planetas, es que no han intentado contactar con nosotros. 

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]